Bug 445282

Summary: Kernel crashes with ipsec connection over ppp
Product: [Fedora] Fedora Reporter: Magnus Vesterlund <magnus_vesterlund>
Component: kernelAssignee: Herbert Xu <herbert.xu>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 9CC: kernel-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-14 00:56:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Description Flags
Sample panic messages. none

Description Magnus Vesterlund 2008-05-05 21:42:00 UTC
Kernel crashes with ipsec connection over ppp

Description of problem:

I get kernel crashes when I set up an ipsec connection over ppp on a Huawei E220
HSDPA USB modem in the Fedora 9 beta. If I try to copy a large file over the
ipsec connection the machine hangs completely within a few seconds with the caps
lock and scroll lock lights blinking. I have an ipsec.conf file that looks like
this, somewhat censored:

version	2.0

config setup

conn xxx

include /etc/ipsec.d/*.conf

If I set up an identical ipsec connection on an ethernet interface instead it
works without problems, and non-ipsec traffic on the ppp connection doesn't
cause any problems.

I have seen a few different kernel panic messages, attaching a file with three

Version-Release number of selected component (if applicable):

How reproducible:
Crashes within a few seconds every time.

Steps to Reproduce:
1. Set up ipsec connection over ppp connection over HSDPA USB modem.
2. Copy a large file over the connection using scp.

Actual results:
Kernel crash.

Expected results:
No kernel crash.

Comment 1 Magnus Vesterlund 2008-05-05 21:42:00 UTC
Created attachment 304566 [details]
Sample panic messages.

Comment 2 Bug Zapper 2008-05-14 10:41:15 UTC
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:

Comment 3 Chuck Ebbert 2008-05-17 05:48:10 UTC
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c:ipv4_conntrack_help(), line 131

        return helper->help(skb, skb_network_offset(skb) + ip_hdrlen(skb),
                            ct, ctinfo);

helper contains a bad address: 0xffff810000000100

Comment 4 Herbert Xu 2009-01-08 06:44:18 UTC
Is this still reproducible with the latest kernel? Thanks!

Comment 5 Magnus Vesterlund 2009-01-13 16:35:16 UTC
Seems to be fixed. I can't reproduce with neither kernel- nor kernel-